Cisco Systems 3200 User Manual
C-1
Cisco 3200 Series Router Hardware Reference
OL-5816-10
A P P E N D I X
C
Switch Port Functionality
The 10/100 Fast Ethernet ports on the Cisco 3200 Series router FESMIC default to Layer 2 switch ports.
The FESMIC is a “learning bridge,” as defined in 802.1D with the Virtual Local Area Network (VLAN)
capabilities of 802.1P/Q. The BCM5618 is fully capable of line-rate switching for all four 10/100 Fast
Ethernet ports.
The FESMIC is a “learning bridge,” as defined in 802.1D with the Virtual Local Area Network (VLAN)
capabilities of 802.1P/Q. The BCM5618 is fully capable of line-rate switching for all four 10/100 Fast
Ethernet ports.
VLANs provide the segmentation services traditionally provided by routers in LAN configurations, as
shown in
shown in
. VLANs make it easy to move an network or to change a network design.
•
Broadcast control—Just as switches physically isolate collision domains for attached hosts and only
forward traffic out a particular port, VLANs provide logical collision domains that confine
broadcast and multicast traffic to the bridging domain.VLANs solve the scalability problems of
large flat networks by breaking a single broadcast domain into several smaller broadcast domains.
forward traffic out a particular port, VLANs provide logical collision domains that confine
broadcast and multicast traffic to the bridging domain.VLANs solve the scalability problems of
large flat networks by breaking a single broadcast domain into several smaller broadcast domains.
•
Security—VLANs improve security by isolating groups. High-security users can be grouped into a
VLAN, possibly on the same physical segment. If you do not include a router in a VLAN, no one
outside that VLAN can communicate with the users inside the VLAN and vice versa. This extreme
level of security can be highly desirable. Users outside that VLAN cannot penetrate into the VLAN
without an appropriate routing through secure Layer 3 routing services.
VLAN, possibly on the same physical segment. If you do not include a router in a VLAN, no one
outside that VLAN can communicate with the users inside the VLAN and vice versa. This extreme
level of security can be highly desirable. Users outside that VLAN cannot penetrate into the VLAN
without an appropriate routing through secure Layer 3 routing services.
•
Performance—Users that require high-performance networking can be assigned to their own VLAN.
You might, for example, assign an engineer who is testing a multicast application and the servers
that the engineer is using to a single VLAN. The engineer experiences improved network
performance by being on a “dedicated LAN.” The rest of the engineering group experiences
improved network performance, because the traffic generated by the network-intensive application
is isolated to another VLAN. This of course implies some areas of physical isolation of separate
VLANs or prioritized service by tagging support and prioritized queuing classes within the switches
and bridges of the 802.1Q VLAN.
You might, for example, assign an engineer who is testing a multicast application and the servers
that the engineer is using to a single VLAN. The engineer experiences improved network
performance by being on a “dedicated LAN.” The rest of the engineering group experiences
improved network performance, because the traffic generated by the network-intensive application
is isolated to another VLAN. This of course implies some areas of physical isolation of separate
VLANs or prioritized service by tagging support and prioritized queuing classes within the switches
and bridges of the 802.1Q VLAN.
•
Network management—Software on the switch allows you to assign users to VLANs. Changing the
cabling to change connectivity is no longer necessary in the switched LAN environment because
network management tools allow you to reconfigure the LAN logically in seconds.
cabling to change connectivity is no longer necessary in the switched LAN environment because
network management tools allow you to reconfigure the LAN logically in seconds.